Hacking ebook social engineering the art of human hacking

407 333 0
Hacking ebook social engineering the art of human hacking

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

Thông tin tài liệu

Social Engineering Social Engineering The Art of Human Hacking Christopher Hadnagy Social Engineering: The Art of Human Hacking Published by Wiley Publishing, Inc 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2011 by Christopher Hadnagy Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-63953-5 ISBN: 978-1-118-02801-8 (ebk) ISBN: 978-1-118-02971-8 (ebk) ISBN: 978-1-118-02974-9 (ebk) Manufactured in the United States of America 10 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600 Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose No warranty may be created or extended by sales or promotional materials The advice and strategies contained herein may not be suitable for every situation Th is work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services If professional assistance is required, the services of a competent professional person should be sought Neither the publisher nor the author shall be liable for damages arising herefrom The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or website may provide or recommendations it may make Further, readers should be aware that Internet websites listed in this work may have changed or disappeared between when this work was written and when it is read For general information on our other products and services please contact our Customer Care Department within the United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002 Wiley also publishes its books in a variety of electronic formats Some content that appears in print may not be available in electronic books Library of Congress Control Number: 2010937817 Trademarks: Wiley and the Wiley logo are trademarks or registered trademarks of John Wiley & Sons, Inc and/or its affi liates, in the United States and other countries, and may not be used without written permission All other trademarks are the property of their respective owners Wiley Publishing, Inc is not associated with any product or vendor mentioned in this book To my beautiful wife and my wonderful family; without you this would not have been possible Mati, there are no words to describe the gratitude I feel for what you have done ABOUT THE AUTHOR CHRISTOPHER HADNAGY is the lead developer of www.social-engineer.org, the world’s fi rst social engineering framework In more than 14 years of security and IT activity, he has partnered with the team at www.backtrack-linux.org and worked on a wide variety of security projects He also serves as trainer and lead social engineer for Offensive Security’s penetration testing team ABOUT THE TECHNICAL EDITOR JIM O’GORMAN is a professional penetration tester and social engineering auditor with more than 14 years of experience working for companies ranging from small ISPs to Fortune 100 corporations Jim is co-trainer of the Offensive Security Advanced Windows Exploitation class, one of the most difficult exploit development classes available A founding member of www.social-engineer.org, Jim is an authority on educating the public about social engineering threats INDEX goals of audit, 349 – 350 influence, 182 – 183 persuasion, 183 gold color association, 241 Google Google Dorks, 34 – 35 operands, 35 Google Hacking for Penetration Testers (Long), 34 – 35 Gouldner, Alvin, on reciprocity, 188 – 189 governments, 18 GPS location, smart phones, photographs, 37 GPS Tracker, 271 – 276 reading data, 276 – 279 green color association, 241 Grinder, John, 136 neurolinguistic programming, 101 Turtles All the Way Down, 138 guilt, 252 gut feelings, 202 H hackers, 17 versus co-workers as security threat, 4 ROI (return on investment) and, 2 hacks DMV, 300 – 306 Overconfident CEO, 310 – 317 Social Security Administration, 300 – 306 Theme Park Scandal, 317 – 322 Top Secret 1, 322 – 329 Top Secret 2, 329 – 337 halo effect, 208 hand gestures in deception, 134 – 135 hand placement, 156 hands/feet, interrogation and, 145 happiness, 125 – 127 smile, true versus fake, 125 – 126 harvesting, 25 head position, interrogation and, 145 hearing versus listening, 157 retention and, 157 hesitation in deception, 133 – 134 Hewlett-Packard, pretexting example, 93 – 95 Hogan, Kevin, 181 human buffer overflow, 172 – 174 embedded commands, 176 – 178 fuzzing, 174 – 176 human infrastructure, 3 humiliation, 252 I ICanStalkU.com, 37 identifying attacks, 340 – 341 identity thieves, 17 ripped up check in car, 31 ideological incentives, 244 – 246 imagination of listener, 177 – 178 incentives for manipulation financial, 244 ideological, 244 – 246 social, 246 – 247 indebted feelings, reciprocation and, 190 indifferent approach to interrogation, 151 indirect approach to interrogation, 149 369 370 INDEX influence See also persuasion authority, 199 legal authority, 199 – 200 organizational authority, 200 – 201 social authority, 201 – 202 symbols of, 201 Cialdini, Robert, 181 commitment, 202 – 203 concession, 193 – 194 contingent concessions, 194 donation requests, 195 installments, 194 label concessions, 194 negotiation and, 195 reciprocity, 194 conditioning, marketing, 242 – 243 consensus, 210 – 211 consistency, 202 – 203 emotions and, 187 flexibility and, 186 – 187 framing alignment, 221 – 222 amplification, 224 – 225 bridging, 223 – 224 extension, 225 – 226 politics, 215 – 216 protest, 222 relationships, 221 relevance, 222 subliminal, 218 – 219 tasks, 221 transformation, 226 – 227 uses, 227 – 230 fundamentals, 182 goals, 182 – 183 Hogan, Kevin, 181 internal dialog and, 186 Langer, Ellen, 181 liking and, 206 – 207 first impressions, 210 physical attractiveness, 207 – 209 manipulation anxiety, 252 color, 240 – 242 conditioning, 235 control over environment, 234 definitions, 233 diversion, 236 doubt, 234 emotional responses, 234 guilt, 252 humiliation, 252 incentives, 244 – 246 intimidation, 234, 252 – 253 loss of privilege, 252 Motrin recall, 235 – 236 planogram, 238 – 240 positive, 253 – 256 powerlessness, 234 product placement, 238 – 239 shoppers, 238 – 241 social anxiety disorder campaign, 237 suggestibility and, 233 uses, 233 – 234 NLP and, 181 obligation, 191 – 193 rapport, 183 – 184 reciprocation, 188 – 189 ask for what you want, 190 – 191 giving away something, 189 – 190 indebted feelings, 190 scarcity, 195 – 196 economics, 197 intentional short supply, 196 meat salesman, 197 – 198 restaurants, 196 social events, 196 urgency, 197 INDEX sensory acuity, 186 social proof, 210 – 211 Candid Camera, 213 laugh tracks, 212 pain tolerance, 212 – 213 sales, 211 – 212 similarity, 214 tip jar salting, 212 – 213 uncertainty, 214 surroundings, 186 tactics, 187 – 188 information gathering BackTrack BasKet, 26 – 28 Dradis, 26, 28 – 29 coffee shop conversation, 31 – 32 commitment and consistency, 205 communication modeling and, 53 elicitation and, 56, 57 – 58 observation, 39 pretexting and, 78 sources, 33 websites, 34 – 39 information value, 344 – 346 installments on concessions, 194 instructions, stories as, 176 – 177 insurance company empathy, 167 – 168 intentional short supply of product, 196 internal dialog, influence and, 186 Internet fraud, social engineering and, 200 interrogation, 102 aggressive approach, 150 alternate route, 148 – 149 baseline, 146 behavior changes, 145 body posture, 145 combination approach, 150 denials, 147 Department of Defense, 149 – 150 direct approach, 149 egotistical approach, 151 emotional approach, 150 end goal, 152 – 153 environment control, 250 exaggeration approach, 151 – 152 eyes, 145 face-saving approach, 151 gestures anchoring, 155 arm/hand placement, 156 – 157 cultural differences, 153 – 154 mirroring, 155 – 156 hands/feet, 145 head position, 145 indifferent approach, 151 indirect approach, 149 versus interview, 143 – 144 listening distractions, 158 feedback, 159 versus hearing, 157 interrupting, 159 paying attention, 158 proof, 159 reflective responding, 161 responses, 159 – 160 logical approach, 150 mouth/lips, 145 objections, 147 positive confrontation, 146 prep questions, 152 – 153 primary sense, 145 professional tactics, 144 – 146 pronoun use, 146 response time, 145 – 146 signs, groups, 145 371 372 INDEX skin color, 145 sympathetic approach, 149 theme development, 146 – 147 verb tense, 146 voice, 145 wedging the alibi approach, 152 words, 145 interview versus interrogation, 143 – 144 intimidation, 252 – 253 IP addresses, servers, hosting, 36 K Kaspersky Labs, social networks, 2 key phrases, matching, 171 kindness, rapport building and, 185 kinesthetic thinker, 104, 106 – 107 sub-modalities, 107 touching objects, 108 Kmart’s planogram, 238 – 240 knowledge assumed, 68 – 69 rapport and, 166 Kurgan, Murgis, 295 L labeling, 230 Lakoff, George, 215 – 216 Langer, Ellen, 181 mindlessness, 201 – 202 laugh tracks, social proof and, 212 law of expectations, 175 lawyers, 18 leaders, social authority and, 201 leading questions, 72 – 73 leads, warm leads, 25 legal authority, 199 – 200 legal issues, pretexting, 96 – 97 Li, Wen, 130 liking first impressions, 210 influence and, 206 – 208 marketing and, 207 physical attractiveness and, 207 – 209 steps to get people to, 210 Tupperware parties, 207 LinkedIn, 34 lips See also mouth/lips listening distractions, 158 feedback, 159 versus hearing, 157 interrupting, 159 paying attention, 158 proof, 159 rapport building and, 163 responses, 159 – 160 reflective responding, 161 lock picks, 260 – 261 bump keys, 265 – 266 Bump Proof BiLock, 267 electronic locks, 264 – 265 kits, 262 magnetic locks, 264 – 265 padlock shims, 266 – 267 picking locks, 261 practice, 263 raking, 263 – 264 shove knives, 265 locks, 260 Loftus, Elizabeth, 73 logical approach to interrogation, 150 Long, Johnny, Google Hacking for Penetration Testers, 34 – 35 Los Alamos scientist in China, 69 – 70 loss of privilege, 252 Lustig, Victor, 11 INDEX M Machlin, Evangeline, Dialects for the Stage, 84 macroexpressions, 110 magnetic locks, 264 – 265 malicious hackers, 2 Maltego, 36, 42, 280 – 282 manipulation, 8 anxiety, 252 color associations black, 240 blue, 241 brown, 242 gold, 241 green, 241 orange, 241 purple, 242 red, 241 white, 240 yellow, 241 conditioning, 235 control over environment, 234, 250 cults, 250 – 251 definitions, 233 diversion, 236 doubt, 234 emotional responses, 234 goals, 248 guilt, 252 humiliation, 252 incentives financial, 244 ideological, 244 – 246 social, 246 – 247 intimidation, 234, 252 – 253 loss of privilege, 252 Motrin recall, 235 – 236 planogram, 238 – 240 positive, 253 – 256 373 powerlessness, 234, 251 – 252 product placement, 238 – 239 shoppers, 238 – 241 music loops, 240 social anxiety disorder campaign, 237 suggestibility and, 233 increasing, 248 – 249 pen clicks, 249 undermining beliefs, 250 – 251 uses, 233 – 234 marketing beauty and, 208 conditioning, 242 – 243 consistency, 202 ideological incentives, 245 liking and, 207 social anxiety disorder campaign, 237 Matherly, John, 35 Mehrabian, Albert, 164 Michon, Richard, 240 micro-movements, 110 microexpressions, 109 – 111 deception detection, 111, 131 – 135 Ekman, Paul, 101, 110 emotions, 111 training, 128 emotions anger, 112 – 114 contempt, 116 – 118 disgust, 114 – 116 fear, 118 – 120 happiness, 125 – 127 limitations, 129 mirroring, 130 neurolinguistic hacking, 130 sadness, 122 – 125 social engineers and, 129 – 131 stoic eyes, 123 surprise, 120 – 122 training to see, 127 – 129 374 INDEX micromomentary expressions, 110 microsoft.com PDF files, 35 Milan, Cesar, 60 – 61 mindlessness, Ellen Langer, 201 – 202 mirroring gestures, 155 – 156 mirroring microexpressions, 130 Mischke, Tom, 79 mistakes, purposeful, 87 mitigation audits and, 348 – 349 auditor selection, 352 – 354 goal setting, 349 – 350 included items, 350 – 352 personal security awareness culture, 341 – 344 scripts, 348 software update maintenance, 347 – 348 steps, 339 – 340 Mitnick, Kevin, 8, 11 The Art of Deception, 299 DMV hack, 300 – 306 Social Security Administration hack, 306 – 310 Mizrahi, Avi, 36 modes of thinking, 103 auditory thinkers, 104, 106 dominant sense, discernment, 107 – 108 FBI memo, 103 importance of, 108 – 109 interrogation and, 145 kinesthetic thinkers, 104, 106 – 107 sub-modalities, 107 listening for, 108 observation, 108 pen exercise, 108 – 109 senses, 103 – 105 sub-modalities, 104 visual thinkers, 104, 105 – 106 sub-modalities, 105 – 106 “Modification of Audible and Visual Speech,” 174 Morgan, Scott, 230 – 231 Morgan Stanley employee theft, 15 – 16 Moriarty, Thomas, radio stealing at beach, 206 Motrin recall, 235 – 236 Moulton, Scott, port scans, 36 mouth/lips, interrogation and, 145 movies, preloading and, 61 – 62 Mularski, J Keith, DarkMarket, 16 music loops for shopper manipulation, 240 N natural-born leaders, 201 needs, psychological, 167 – 169 negation, embedded commands and, 177 negotiation, concessions, 195 neurolinguistic hacking, 130 Nickerson, Chris, 10 pretexting, 77 – 78 Nigerian Scam, 13 – 14 NLP (neurolinguistic programming), 7 Bandler, Richard, 136 Bateson, Gregory, 136 Brandler, Richard, 101 breathing rate, 170 codes, 137 Condon, William, 110 conscious/unconscious relationships, 138 definition, 136 DeLozier, Judith, 137 Grinder, John, 101, 136 INDEX history, 136 – 137 influence and, 181 key phrases, 171 meta-model, 136 new code, 137 – 138 perceptual filters, 138 Planet NLP, 141 scripts, 138 sentence structure, 139 – 143 social engineers’ uses, 138 – 139 speech pattern matching, 170 – 171 states, 138 Ultimate Voice, 140 – 142 vocal tone matching, 170 – 171 voice, 139 NMAP, port scans, 36 nonverbal communication, 44 NSA (National Security Agency), elicitation, 56 O objections, 147 obligation, 191 – 193 observation, 39 office sounds, 85 – 86 online tools, 279 – 280 Maltego, 280 – 282 SET (Social Engineer Toolkit), 283 – 288 open-ended questions, 70 – 71 open palm, 156 opening lines, 255 opening up, 64 – 65 orange color association, 241 orbicularis oculi muscle in smiling, 126 organizational authority, 200 – 201 O’Sullivan, Maureen Ekman, Paul, 110 – 111 Wizards Project, 110 – 111 Overconfident CEO hack, 310 – 317 P padlock shims, 266 – 267 pain tolerance, social modeling and, 212 – 213 Paller, Ken A., 130 password profilers, 292 – 293 CeWl, 296 – 267 CUPP (Common User Password Profiler), 42, 295 – 296 WYD (Who’s Your Daddy), 42 passwords attack list, 12 BitDefender study, 292 commonly used themes, 12 past tense for negatives, 255 – 256 Pavlov, Ivan, 105, 235 paying attention, 158 pen click manipulation, 249 penetration testers, 17 program crashes, 30 perception communication and, 44 framing and, 216 person in distress, 52 personal attachments of target, 80 personal information, websites offering, 12 personal interests, pretexting and, 81 – 82 personal realities and communication, 44 personal security awareness culture, 341 – 344 personal websites, 34 persuasion See also influence conditioning, marketing, 242 – 243 consensus, 210 – 211 emotions and, 187 375 376 INDEX flexibility and, 186 – 187 goals, 183 liking and, 206 – 207 first impressions, 210 physical attractiveness, 207 – 209 manipulation color, 240 – 242 conditioning, 235 control over environment, 234 definitions, 233 diversion, 236 doubt, 234 emotional responses, 234 incentives, 244 – 246 intimidation, 234 Motrin recall, 235 – 236 planogram, 238 – 240 powerlessness, 234 product placement, 238 – 239 shoppers, 238 – 241 social anxiety disorder campaign, 237 suggestibility and, 233 uses, 233 – 234 sensory acuity, 186 social proof, 210 – 211 Candid Camera, 213 laugh tracks, 212 pain tolerance, 212 – 213 sales, 211 – 212 similarity, 214 tip jar salting, 212 – 213 uncertainty, 214 surroundings, 186 pharmaceutical companies and reciprocation, 188 phishing email, 50 – 51 SET (Social Engineer Toolkit), 284 – 285 phone use, 84 – 86 photographs, smart phones, GPS location, 37 physical attractiveness, 207 – 209 physical tools cameras, 267 – 268, 269 – 270 lock picks, 260 – 261 bump keys, 265 – 266 Bump Proof BiLock, 267 electronic locks, 264 – 265 kits, 262 magnetic locks, 264 – 265 padlock shims, 266 – 267 shove knives, 265 recording devices, 267 – 268 reasons for, 268 picking locks, 261 bump keys, 265 – 266 electronic locks, 264 – 265 magnetic locks, 264 – 265 padlock shims, 266 – 267 practice, 263 raking, 263 – 264 shove knives, 265 Planet NLP, 141 planogram, 238 – 240 planting ideas See preloading politicians and recriprocation, 188 politics, framing and, 215 – 216, 216 port scans, 36 European laws, 36 Mizrahi, Avi, 36 Moulton, Scott, 36 positive confrontation, 146 positive manipulation, 253 – 256 positive reinforcement, 209 powerlessness of target, 251 – 252 practice dialects, 83 – 84 expressions, 83 – 84 INDEX preloading movies and, 61 – 62 steak dinner, 62 – 63 presupposition, 175 pretexting celebrity death, 81 conclusion, 90 – 91 definition, 78 description, 77 dialects, 83 – 84 examples Hewlett-Packard, 93 – 95 Rifkin, Stanley Mark, 91 – 93 expressions, 83 – 84 follow-through, 90 – 91 FTC and, 94 – 95, 97 information gathering and, 78 Internet and, 77 legal issues, 96 – 97 life uses, 78 personal interests, 81 – 82 phone use, 84 – 86 Pitt, Brad, 78 post-disaster scams, 80 – 81 principles of, 79 – 80 radio hosts and, 79 research and, 80 – 81 simplicity, 86 – 88 spontenaity, 88 – 90 targets, attachments, 80 tech support guy, 88 tools, 98 – 99 prevention audits and, 348 – 349 auditor selection, 352 – 354 goal setting, 349 – 350 included items, 350 – 352 personal security awareness culture, 341 – 344 scripts, 348 software update maintenance, 347 – 348 steps, 339 – 340 product placement, 238 – 239 profiling software, 42 – 43 password profilers CUPP (Common User Passwords Profiler), 42 WYD (Who’s Your Daddy), 42 Progressive Environmentalist Movement, 226 pronoun use, 146 proof of listening, 159 props, pretexting, 98 – 99 psychological needs, 167 – 169 psychologists, 18 public reports, 39 public servers, 36 Matelgo, 36 purple color association, 242 Q questions, 53 – 54 assumptive, 73 – 74 closed-ended, 71 – 72 leading, 72 – 73 open-ended, 70 – 71 pyramid approach, 71 quotes, embedded commands and, 176 – 177 R rakes for lock picking, 261 raking locks, 263 – 264 rapport, 64 – 65 active listening, reflective responding, 161 377 378 INDEX bank tellers, 169 building, 162 – 163 affect on people, 163 – 164 appearance and, 163 body language matching, 171 breathing rate, 170 key phrases, 171 kindness and, 185 liking people, 163 listening, 163 speech pattern matching, 170 – 171 vocal tone matching, 170 – 171 curiosity and, 166 – 167 definition, 162 empathy and, 165 general knowledge, 166 importance, 102 influence and, 183 – 184 meeting people’s needs, 167 – 169 talking about self, 164 testing, 171 – 172 Rasul, Imran, 247 reality TV shows, framing and, 232 reciprocation ask for what you want, 190 – 191 concessions and, 194 cultural differences and, 189 giving away something, 189 – 190 Gouldner, Alvin, 188 – 189 indebted feelings, 190 influence and, 188 – 189 recording devices, 267 – 268 cellular card, 270 reasons for, 268 red color association, 241 reflective responding, 161 reinforcement, 209 relationships, framing and, 221 rental car, 30 – 31 reports, public reports, 39 research, pretexting and, 80 – 81 response time, interrogation and, 145 – 146 Rifkin, Stanley Mark, 91 – 93 ripped up check in car, 30 – 31 ROI (return on investment), hackers and, 2 routers, searching for, 35 rules for communication, 45 Rusch, Jonathan J., 200 S sadness, 122 – 125 sales, social proof and, 211 – 212 salespeople, 18 social engineers mirroring, 25 salting the tip jar, 212 – 213 Sargant, William, Battle for the Mind, 249 satiation of reinforcement, 209 scam artists, 18 scarcity principle, 14, 195 – 196 economics, 197 intentional short supply, 196 meat salesman, 197 – 198 restaurants, 196 social events, 196 urgency, 197 scripts, 85 – 86, 291 – 292 prevention and mitigation, 348 SE (Social Engineering) definition, 10 overview, – 20 scarcity and, 14 uses, – search engines, 34 – 35 Google, 34 – 35 Shodan, 35 INDEX security hackers versus co-workers, 4 patches for software, 347 – 348 personal security awareness culture, 341 – 344 seriousness, 3 security through education, 2 self-confidence, situational, 82 senses, 103 – 104 modes of thinking, 104 – 105 sub-modalities, 104 sensory acuity, 186 sentence structure, NLP and, 139 – 143 servers hosting, 36 public, 36 searching for, 35 SET (Social Engineer Toolkit), 283 – 288 Shannon, Claude, 45 Shannon-Weaver model, 45 basis, 46 problems for, 46 Shodan search engine, 35 shoppers, manipulation, 238 – 241 music loops, 240 short supply of product, 196 shove knives for lock picking, 265 shredded documents, 40 – 41 similarity, social proof and, 214 simplicity in pretexting, 86 – 88 skills, ingraining, 214 skin color, interrogation and, 145 Skitka, Linda, 230 – 231 Slaney, Malcolm, 174 Smart, Jamie, 181 “The map is not the territory.”, 182 smart phones, pictures, GPS location, 37 SMCR (Sender-Message-ChannelReceiver) model, 46 – 47 smiles de Boulogne, Duchenne, 125 – 126 true versus fake, 125 – 126 Snow, David, 221 – 222 frame amplification, 224 social, definition, 9 social anxiety disorder campaign, 237 social authority, 201 – 202 social engineering framework, 3 social engineers communication and, 48 disgruntled employees, 17 – 18 doctors, 18 executive recruiters, 18 governments, 18 hackers, 17 identity thieves, 17 lawyers, 18 microexpressions and, 129 – 131 NLP use, 138 – 139 penetration testers, 17 psychologists, 18 salespeople, 18 scam artists, 18 spies, 17 thinking like, 30 – 33 types, 16 social incentives, 246 – 247 social networks, 247 – 248 tail-gaiting, 248 social interaction rules, 47 social media, 37 Blippy, 37 – 38 information gathering, 38 social media outlets, job information, 34 379 380 INDEX social proof, 201, 210 – 211 Candid Camera, 213 celebrity endorsement of product, 211 Cialdini, Robert, 210 laugh tracks, 212 pain tolerance, 212 – 213 sales and, 211 – 212 similarity and, 214 tip jar salting, 212 – 213 uncertainty and, 214 Social Security Administration hack (Mitnick), 306 – 310 Social Security Number background checkers and, 39 illegal use, 95 software profiling software, 42 – 43 Maltego, 42 password profilers, 42 searching Internet for, 35 security patches, 347 – 348 update maintenance, 347 – 348 speech pattern matching, 170 – 171 spies, 17 SpoofApp, 290 – 291 SpoofCard, 86, 290 spoofing Caller ID, 289 – 290 caller ID, 86 SpyHawk SuperTrak GPS Worldwide Super Trackstick USB Data Logger, 271 – 276 reading data, 276 – 279 stamp collection, 23 – 24 steepled fingers, 156 Stevens, Tom G., self-confidence, 82 stoic eyes, 123 stories as direct instructions, 176 – 177 subliminal framing, 218 – 219 suggestibility of target, 233 increasing, 248 – 249 pen clicks, 249 surprise, 120 – 122 fear and, 118, 120 – 121 symbols of authority, 201 sympathetic approach to interrogation, 149 T tail-gating, 248 tapping/drumming fingers, 156 targets attention, holding, 148 baseline, 146 behavior and your emotion, 253 – 254 emotional attachments, 80 environment, controlling, 250 intimidation, 252 – 253 personal attachments, 80 powerlessness, 251 – 252 suggestibility, increasing, 248 – 249 undermining beliefs, 250 – 251 tech support, pretexting, 88 Teensy HID attack vector, 287 telelphone use, 84 – 86 telephone-based tools Asterisk, 291 Caller ID spoofing, 289 – 290 scripts, 291 – 292 SpoofApp, 290 – 291 SpoofCard, 290 Telephone Records and Privacy Protection Act of 2006, 95 tense switches, 146 tension wrenches for lock picking, 261 The Art of Deception (Mitnick), 299 INDEX The Expression of the Emotions in Man and Animals (Darwin), 110 The Real Hustle, 58 – 59 theft, employee theft, 15 – 16 theme development, 146 – 147 Theme Park Scandal, 317 – 322 Thriving Office, 85 – 86 tip jar salting, 212 – 213 Tomkins, Silvan, 110 tools GPS Tracker, 271 – 272 online, 279 – 280 Maltego, 280 – 282 SET (Social Engineer Toolkit), 283 – 288 password profilers, 292 – 297 physical cameras, 267 – 270 lock picks, 260 – 267 recording devices, 267 – 268 practice, 271 pretexting, 98 – 99 telephone-based Asterisk, 291 Caller ID spoofing, 289 – 290 scripts, 291 – 292 SpoofApp, 290 – 291 SpoofCard, 290 Top Secret case study, 322 – 329 Top Secret case study, 329 – 337 torture, framing and, 231 – 232 Tostitos logo, 219 touching objects by kinesthetic thinkers, 108 touching self, 156 transactional model of communications, Balmund, D.C., 47 – 48 381 trash, 39 dumpster diving pointers, 41 shredded documents, 40 – 41 valuable things, 31 Tupperware parties, 207 Turtles All the Way Down (DeLozier and Grinder), 138 TV reality shows, framing and, 232 U Ultimate Voice, NLP and, 140 – 142 uncertainty, social proof and, 214 undermining beliefs, 250 – 251 Unmasking the Face (Ekman), 111 updating software, 347 – 348 USB drive acceptance, communication and, 51 – 52 user sites, 37 – 38 V valuable things thrown away, 31 value of information, 344 – 346 verb tense, 146 verbal communication, 44 visual framing, 216 – 219 visual thinkers, 104, 105 – 106 sub-modalities, 105 – 106 vocal tone matching, 170 – 171 voice interrogation and, 145 NLP and, 139 Vontu, confidential data in email, 4 W warm leads, 25 Weaver, Warren, 45 See also Shannon-Weaver model 382 INDEX web attack vector, SET (Social Engineer Toolkit), 285 – 286 websites background checkers, 39 ICanStalkU.com, 37 information collection, 12 lock picking, 261 microsoft.com, PDF files, 35 personal websites, 34 public reports, 39 public servers, 36 search engines, 34 – 35 social-engineer.org, 3 social media, 37 user sites, 37 – 38 wedging the alibi approach to interrogation, 152 Westbury, Chris, 186 white color association, 240 Whois, 35 Winston, Joel, 96 – 97 Withgott, Margaret, 174 Wizards Project, 110 – 111 Wong, Kelvie, 26 words, interrogation and, 145 workplace friends, 247 – 248 WYD (Who’s Your Daddy) profiling software, 42 Y yellow color association, 241 Z Zinbarg, Richard E., 130 zygomaticus major muscle in smiling, 126 WILEY END USER LICENSE AGREEMENT Go to www.wiley.com/go/eula to access Wiley’s ebook EULA ... Social Engineering Social Engineering The Art of Human Hacking Christopher Hadnagy Social Engineering: The Art of Human Hacking Published by Wiley Publishing,... into the science and art of a specific social engineering skill to show you how it can be used, enhanced, and perfected The next section of this chapter, “Overview of Social Engineering, ” defines social. .. know about the target, if the social engineer hasn’t outlined every intimate detail, then the chance of failure is more likely to occur Information gathering is the crux of every social engineering

Ngày đăng: 29/10/2019, 14:20

Từ khóa liên quan

Mục lục

  • Cover

  • Title Page

  • Copyright

  • Contents

  • Foreword

  • Preface and Acknowledgments

  • Chapter 1: A Look into the World of Social Engineering

    • Why This Book Is So Valuable

      • The Layout

      • What’s Coming Up

    • Overview of Social Engineering

      • Social Engineering and Its Place in Society

      • The Different Types of Social Engineers

      • The Social Engineering Framework and How to Use It

    • Summary

  • Chapter 2: Information Gathering

    • Gathering Information

      • Using BasKet

      • Using Dradis

      • Thinking Like a Social Engineer

    • Sources for Information Gathering

      • Gathering Information from Websites

      • Using the Power of Observation

      • Going through the Garbage

      • Using Profiling Software

    • Communication Modeling

      • The Communication Model and Its Roots

      • Developing a Communication Model

    • The Power of Communication Models

  • Chapter 3: Elicitation

    • What Is Elicitation?

    • The Goals of Elicitation

      • Preloading

      • Becoming a Successful Elicitor

      • Using Intelligent Questions

    • Mastering Elicitation

    • Summary

  • Chapter 4: Pretexting: How to Become Anyone

    • What Is Pretexting?

    • The Principles and Planning Stages of Pretexting

      • The More Research You Do, the Better the Chance of Success

      • Involve Personal Interests to Increase Success

      • Practice Dialects or Expressions

      • Using the Phone Should Not Reduce the Effort for the Social Engineer

      • The Simpler the Pretext, the Better the Chance of Success

      • The Pretext Should Appear Spontaneous

      • Provide a Logical Conclusion or Follow-through for the Target

    • Successful Pretexting

      • Example 1: Stanley Mark Rifkin

      • Example 2: Hewlett-Packard

      • Staying Legal

      • Additional Pretexting Tools

    • Summary

  • Chapter 5: Mind Tricks: Psychological Principles Used in Social Engineering

    • Modes of Thinking

      • The Senses

      • The Three Main Modes of Thinking

    • Microexpressions

      • Anger

      • Disgust

      • Contempt

      • Fear

      • Surprise

      • Sadness

      • Happiness

      • Training Yourself to See Microexpressions

      • How Social Engineers Use Microexpressions

    • Neurolinguistic Programming (NLP)

      • The History of Neurolinguistic Programming

      • Codes of Neurolinguistic Programming

      • How to Use NLP as a Social Engineer

    • Interview and Interrogation

      • Professional Interrogation Tactics

      • Gesturing

      • Arm and Hand Placement

      • Listening Your Way to Success

    • Building Instant Rapport

      • Be Genuine about Wanting to Get to Know People

      • Take Care with Your Appearance

      • Be a Good Listener

      • Be Aware of How You Affect People

      • Keep the Conversation off Yourself

      • Remember That Empathy Is Key to Rapport

      • Be Well Rounded in Your General Knowledge

      • Develop Your Curious Side

      • Find Ways to Meet People’s Needs

      • Using Other Rapport-Building Techniques

      • Testing Rapport

    • The Human Buffer Overflow

    • Summary

  • Chapter 6: Influence: The Power of Persuasion

    • The Five Fundamentals of Influence and Persuasion

      • Have a Clear Goal in Mind

      • Rapport, Rapport, Rapport

      • Be in Tune with Yourself and Your Surroundings

      • Don’t Act Insane—Be Flexible

      • Get in Touch with Yourself

    • Influence Tactics

      • Reciprocation

      • Obligation

      • Concession

      • Scarcity

      • Authority

      • Commitment and Consistency

      • Liking

      • Consensus or Social Proof

    • Altering Reality: Framing

      • Politics

      • Using Framing in Everyday Life

      • Four Types of Frame Alignment

      • Using Framing as a Social Engineer

    • Manipulation: Controlling Your Target

      • To Recall or Not To Recall

      • Anxiety Cured at Last

      • You Can’t Make Me Buy That!

      • Conditioning Targets to Respond Positively

      • Manipulation Incentives

    • Manipulation in Social Engineering

      • Increasing a Target’s Suggestibility

      • Controlling the Target’s Environment

      • Forcing the Target to Reevaluate

      • Making the Target Feel Powerless

      • Dishing Out Nonphysical Punishment

      • Intimidating a Target

      • Using Positive Manipulation

    • Summary

  • Chapter 7: The Tools of the Social Engineer

    • Physical Tools

      • Lock Picks

      • Cameras and Recording Devices

      • Using a GPS Tracker

    • Online Information-Gathering Tools

      • Maltego

      • SET: Social Engineer Toolkit

      • Telephone-Based Tools

      • Password Profilers

    • Summary

  • Chapter 8: Case Studies: Dissecting the Social Engineer

    • Mitnick Case Study 1: Hacking the DMV

      • The Target

      • The Story

      • Applying the SE Framework to the DMV Hack

    • Mitnick Case Study 2: Hacking the Social Security Administration

      • The Target

      • The Story

      • Applying the SE Framework to the SSA Hack

    • Hadnagy Case Study 1: The Overconfident CEO

      • The Target

      • The Story

      • Applying the SE Framework to the Overconfident CEO Hack

    • Hadnagy Case Study 2: The Theme Park Scandal

      • The Target

      • The Story

      • Applying the SE Framework to the Theme Park Hack

    • Top-Secret Case Study 1: Mission Not Impossible

      • The Target

      • The Story

      • Applying the SE Framework to Top Secret 1

    • Top-Secret Case Study 2: Social Engineering a Hacker

      • The Target

      • The Story

      • Applying the SE Framework to the Top Secret Case Study 2

    • Why Case Studies Are Important

    • Summary

  • Chapter 9: Prevention and Mitigation

    • Learning to Identify Social Engineering Attacks

    • Creating a Personal Security Awareness Culture

    • Being Aware of the Value of the Information You Are Being Asked For

    • Keeping Software Updated

    • Developing Scripts

    • Learning from Social Engineering Audits

      • Understanding What a Social Engineering Audit Is

      • Setting Audit Goals

      • What Should and Should Not Be Included in an Audit

      • Choosing the Best Auditor

    • Concluding Remarks

      • Social Engineering Isn’t Always Negative

      • The Importance of Gathering and Organizing Information

      • Choose Your Words Carefully

      • Have a Good Pretext

      • Practice Reading Expressions

      • Manipulation and Influence

      • Be Alert to Malicious Tactics

      • Use Your Fear

    • Summary

  • Index

  • EULA

Tài liệu cùng người dùng

  • Đang cập nhật ...

Tài liệu liên quan